[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP and SASL...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The plot thickens...
According to the docs, I have to create the file
'/usr/lib/sasl2/slapd.conf' and add this:
pwcheck_method: saslauthd

...so slapd knows to use saslauthd. Is there a switch to use to tell
slapd to use this file? If I start slapd, 'slapd -d -1 2>1& | tee
/tmp/output.txt' and try to ssh to the box with a test user, I would
think that grep'ing the /tmp/output.txt for 'conf' would show it looking
for the /usr/lib/sasl2/slapd.conf, but it's not in there.
Strace doesn't show any attempt for /usr/lib/sasl2/slapd.conf either.

Thanks again!
Tobias

paul kölle wrote:
| Tobias Rice wrote:
|
|> Paul-
|> Thanks for your reply, I appriciate the advice. I will be using SSL/TLS
|> between my systems -> this ldap server.
|> But my problem is still how to plug OpenLDAP into SASL??? I've read some
|> stuff about putting '{SASL}user@realm' in the userPassword: field and
|> ldap will have cyrus auth against my kdc. As I mentioned earlier it
|> seems that all of my pieces are working fine except OpenLDAP -> SASL.
|> What do I need to do to make this work?
|> Many thanks!
|> Tobias
|
|
| Sorry for beeing so unspecific ;)
|
| Have you told slapd to use saslauthd for authentication in
| /etc/sasl2/slapd.conf? (note: the location of that file may differ)
|
| read this if you haven't already:
|
| http://www.openldap.org/faq/data/cache/944.html
|
|
| hth
|  Paul
|
| PS: If you are sure your configuration is correct, please do a
| bind/search whatever operation and post the relevant logs from slapd(8)
| and your KDC. Make sure to have a decent logging level set in slapd.conf.
|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)

iD8DBQFBf/HWRJX8S0T0CkURAvD2AKCs4Wn555+TDwmPqTOXUU6yL5N3ZACgmbgz
g+yXOwWA4YaRq23DryuCsbs=
=daPK
-----END PGP SIGNATURE-----